The bundled authentication and authorization modules have
been refactored. The new mod_authn_alias module
can greatly simplify certain authentication configurations.
See module name changes, and
the developer changes for more
information about how these changes affects users and module
writers.

The default configuration layout has been simplified and
modularised. Configuration snippets which can be used to
enable commonly-used features are now bundled with Apache, and
can be easily added to the main server config.

mod_filter introduces dynamic configuration
to the output filter chain. It enables filters to be conditionally
inserted, based on any Request or Response header or environment
variable, and dispenses with the more problematic dependencies and
ordering problems in the 2.0 architecture.

Large File Support

httpd is now built with support for files larger
than 2GB on modern 32-bit Unix systems. Support for handling
>2GB request bodies has also been added.

Event MPM

The event MPM uses a separate thread to handle
Keep Alive requests and accepting connections. Keep Alive requests
have traditionally required httpd to dedicate a worker to handle it.
This dedicated worker could not be used again until the Keep Alive
timeout was reached.

SQL Database Support

mod_dbd, together with the apr_dbd
framework, brings direct SQL support to modules that need it.
Supports connection pooling in threaded MPMs.

Modules in the aaa directory have been renamed and offer
better support for digest authentication. For example,
mod_auth is now split into
mod_auth_basic and
mod_authn_file; mod_auth_dbm is now
called mod_authn_dbm; mod_access has
been renamed mod_authz_host. There is also a new
mod_authn_alias module for simplifying
certain authentication configurations.

Added a new ?config argument which will show
the configuration directives as parsed by Apache, including
their file name and line number. The module also
shows the order of all request hooks and additional
build information, similar to httpd -V.

There is a new authentication backend provider
scheme which greatly eases the construction of new authentication
backends.

Connection Error Logging

A new function, ap_log_cerror has been added to log
errors that occur with the client's connection. When logged,
the message includes the client IP address.

Test Configuration Hook Added

A new hook, test_config has been added to aid
modules that want to execute special code only when the user passes
-t to httpd.

Set Threaded MPM's Stacksize

A new directive, ThreadStackSize has been added to
set the stack size on all threaded MPMs. This is required
for some third-party modules on platforms with small default
thread stack size.

Protocol handling for output filters

In the past, every filter has been responsible for ensuring
that it generates the correct response headers where it affects
them. Filters can now delegate common protocol management to
mod_filter, using the
ap_register_output_filter_protocol or
ap_filter_protocol calls.

Monitor hook added

Monitor hook enables modules to run regular/scheduled jobs
in the parent (root) process.

Regular expression API changes

The pcreposix.h header is no longer available;
it is replaced by the new ap_regex.h header. The
POSIX.2 regex.h implementation exposed by the old
header is now available under the ap_ namespace
from ap_regex.h. Calls to regcomp,
regexec and so on can be replaced by calls to
ap_regcomp, ap_regexec.

DBD Framework (SQL Database API)

With Apache 1.x and 2.0, modules requiring an SQL backend
had to take responsibility for managing it themselves. Apart
from reinventing the wheel, this can be very inefficient, for
example when several modules each maintain their own connections.

Apache 2.1 and later provides the ap_dbd API for
managing database connections (including optimised strategies
for threaded and unthreaded MPMs), while APR 1.2 and later provides
the apr_dbd API for interacting with the database.

New modules SHOULD now use these APIs for all SQL database
operations. Existing applications SHOULD be upgraded to use it
where feasible, either transparently or as a recommended option
to their users.

Notice:This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.